Home/ Questions/Q 6730635
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T10:25:55+00:00

I’m reading Pro C# 2010 and the .Net 4 Platform by Andrew Troelsen. In

  • 0

I’m reading Pro C# 2010 and the .Net 4 Platform by Andrew Troelsen.

In Chapter 15 about Attributes exists a note:

Note: For security reasons, it is considered a .Net best practice to design all custom attributes as sealed.

The author doesn’t explain why, can someone explain why?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    CA1813: Avoid unsealed attributes:
    The .NET Framework class library provides methods for retrieving
    custom attributes. By default, these methods search the attribute
    inheritance hierarchy; for example Attribute.GetCustomAttribute
    searches for the specified attribute type, or any attribute type that
    extends the specified attribute type. Sealing the attribute eliminates
    the search through the inheritance hierarchy, and can improve
    performance.

    Ref: https://learn.microsoft.com/visualstudio/code-quality/ca1813-avoid-unsealed-attributes

    Attributes are simply metadata discovered at runtime. As it is quoted, if someone else derives from your custom attribute class, by default .NET will find them too, which may imply a security risk if the derived attribute class is modifying the behavior of your original attribute in a way to you never intended to.

    Even though performance is the prime reason to seal attribute classes, here is a formidable article dealing with its security side.

    • 0